Akamai Diversity
Home > Web Security

Recently in Web Security Category

Akamai at Cloud Partners Conference

Scheduling note: I'll be moderating a keynote panel at the Cloud Partners Conference in Boston Wednesday, Sept. 16. The conference is Sept. 16-18 at the Hynes Convention Center.

Panel details:
  • Time: 12:30 - 1:30 p.m.
  • Topic: Cloud Risk: Hype Vs. Reality
  • Description: We'll discuss security best practices in the cloud and hear what is and isn't working for different companies. The ultimate lesson: Cloud security is attainable.
  • Moderator: Bill Brenner, Senior Tech Writer, Akamai Security Intelligence Response Team (SIRT)
  • Panelists: Andy Daudelin, Vice President, Cloud and Cloud Networking, AT&T, Mike Davis, CTO, CounterTack and Bernie McGroder, Vice President, Sales Engineering, GTT Communications Inc.

I look forward to a great discussion!

Akamai Edge 2015 Cloud Security Track

Next month, I'll be at the Akamai Edge customer conference. It's a terrific opportunity to meet face-to-face with a lot of our customers and get their feedback on what's working for them and what we can improve upon. A robust Web Security track of talks is planned, and I'll be blogging about it. 

The security track will run each day of Edge. Here's a tentative look at some of the discussions we have planned.

Teens Busted for Exploiting Lizard Squad Attack Tool

In January, we told you about Lizard Squad, an attack group that ruined Christmas for a lot of Sony Playstation and Xbox users by launching DDoSes against those gaming networks. The authorities have been chasing them down since then, and this month six teens were arrested for using Lizard Squad's signature Lizard Stresser DDoS attack tool.

Accuracy

There can sometimes be a fine line between suspicion and guilt. Determining malicious or "good" activity can be a challenging task in today's cyber world full of hidden and dark secrets. A system based on accuracy and thorough analysis of all evidence will lead to the true malicious actor.
Consider a popular way to illegally extract money from someone's bank account for example. The malicious actor has created a malicious link to exploit a vulnerability using a Cross Site Forgery Request (CSRF) on a vulnerable banking site. The malicious actor makes sure that the victim clicks on the malicious link while logged onto his online banking account with the vulnerability. He thinks he is transferring $2,000 to pay the rent but this malicious link changes the request to have $20,000 from his account transferred to an anonymous bitcoin account. The money is laundered away before it can be traced.

Akamai Assists ISPs in Providing a Family-Friendly Internet

 

Family and Internet safety advocates have lobbied long and hard to government regulators and Internet service and content providers for stronger measures and controls over the types of content viewable by children when online. And based on recent reports, some ISPs have responded in a favorable way, by implementing services that place automatic blocks on "high risk" websites including those that feature nudity or sexual content or are related to drugs, alcohol or tobacco, among others. Furthermore, users seem to be taking advantage of these services rather than opting out of them, creating safer Internet environments in their homes, while Internet providers reap the benefits of high scores for customer satisfaction and the potential for long-term revenue growth. A true win-win!


It's summertime!  While most people are relaxing at the beach or enjoying a BBQ, here at Akamai we've already shifted sights towards the winter to provide relief for retailers by ensuring they have fast, reliable and secure e-commerce sites in time for the holidays.  The holiday season, after all, is just around the corner.  Here are four key ways we are helping retailers convert more shoppers into buyers while also securing their web experiences:


(1)  Make the experience fast

Last year, for the first time, Akamai saw more than 50% of holiday traffic from mobile devices during certain periods of the day.  This trend will undoubtedly continue as shoppers embrace multi-channel experiences while accessing content from different devices at different times of the day.  Akamai's Real User Monitoring (RUM) provides retailers with a detailed understanding of the actual page load time visitors experience across the myriad of devices and networks.  Akamai Ion provides the fastest acceleration for content accessed on all types of devices and networks including the unique challenges of responsive web design, congested cellular networks and those pesky API calls which slow down the mobile app experience.

How Can You Trust a Website?


During an early summer morning on August 1982, in the brightly lit hallway of a non-descript academic building on the campus of University of California Berkeley, two scientists who were working on what the world will later know as the Internet, had a brief but very important conversation:

"How can we trust ARPANET?"

"Because you can trust your colleagues."

Media Coverage of the Q2 2015 SOTI Security Report

It's only been a couple days since we released the Q2 2015 State of the Internet Security Report, but it has already generated a fair amount of media coverage. The following articles are what we've seen so far.

Attackers are using insecure routers and other home devices for DDoS attacks (Computerworld)

A report released Tuesday by cloud services provider Akamai Technologies shows that the number of DDoS attacks is on the rise. During the second quarter of 2015 it increased by 7 percent compared to the previous three months and by 132 percent compared to the same period last year, the company's data revealed.


Search Engine Optimization (SEO) campaigns are prevalent and legitimate ways to promote web applications in order to get a better visibility and more traffic to your web application. But what happens when an SEO campaign crosses the line into the dark side and becomes malicious?

Recently the Akamai Threat Research Team discovered a highly sophisticated SEO attack campaign that was promoting the search results rating for a web application that allows users to share their cheating and infidelity stories.

Do the WAF Revolution

Akamai famously lost the first competition it entered, the MIT 50k, before securing funding and becoming a wildly successful start up and one of the largest IPOs in history.  Today Akamai is a 2B public company that prides itself on fighting the odds in order to challenge the status quo and provide business value to customers.